TCG to Add Microsoft's NAP

Microsoft and Trusted Computing Group announce interoperability

LAS VEGAS -- Trusted Computing Group (TCG), which develops open standards for computing security, and Microsoft Corp., a TCG member and active participant, today announced at Interop Las Vegas 2007 that they will provide customers and partners interoperability of TCG’s Trusted Network Connect (TNC) architecture and Microsoft® Network Access Protection (NAP) for network access control (NAC). This interoperability means customers can use NAP products in TNC-protected networks and TNC products in NAP-protected networks. NAP partners can support TNC clients and servers, and TNC implementers can support NAP clients, servers and protocols.

The first step in the interoperability of NAP and TNC will be enabled by Microsoft’s contribution of its Statement of Health (SoH) protocol to the Trusted Computing Group. A new specification, the IF-TNCCS-SOH, is being released today as part of the TNC architecture. Vendors can begin implementing the IF-TNCCS-SOH specification immediately. Several demonstrations of the new specification will be shown on the Interop show floor this week in TCG’s booth #211 and in Microsoft’s booth #1548.

With this interoperability, customers of both Microsoft and TNC-enabled networks can realize significant benefits:

Interoperability and customer choice: Customers are now provided with a choice of architectural and product options. They will be able to choose components, infrastructure and technology as best serves their business needs while being assured of interoperability.

Simplification, clarity, and confidence: The interoperability of NAP and TNC provides helpful guidance for customers considering network access control architectures and products and offers assurance that a wide variety of products will work together.

Investment protection: The interoperability of TNC and NAP platforms enables customer reuse and investment protection of their TNC and/or NAP deployments. For example, customers can begin deploying products based on TNC specifications today and integrate NAP into the environment concurrent with their deployment of Windows Vista® and Windows Server® 2008.

Single agent included in Windows®: Computers running Windows Vista, Windows Server 2008, and future versions of Windows XP will include the NAP Agent component as part of the core operating system. The NAP Agent will be used for both NAP and TNC.

As products supporting the new IF-TNCCS-SOH specification become available in the coming months, customers will be able to start implementing portions of NAP-TNC interoperability. TNC servers that support the SoH protocol can interoperate with Windows Vista and other NAP clients without requiring any extra software to be downloaded or installed on the client. TNC clients that support the SoH protocol can participate in NAP-protected networks, authenticating and participating in health checks.

“The contribution of the Statement of Health, Microsoft’s primary client-server protocol, to the TNC architecture enables a wide variety of network access control implementations for customers and for vendors, ultimately helping provide significantly better protection of corporate information and assets,” said Steve Hanna, co-chair of the TCG TNC work group and distinguished engineer, Juniper Networks. “Agreeing on common security standards provides a solid foundation on which we can build a more secure computing future.”

Trusted Computing Group

Microsoft Corp. (Nasdaq: MSFT)

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5